Apiosk Skill

Security checks across malware telemetry and agentic risk

Overview

Apiosk is not clearly malicious, but it handles real crypto funds with plaintext wallet storage and automatic paid calls that need careful review before use.

Install only if you are comfortable using a small, dedicated hot wallet and sending request data plus wallet-linked metadata to Apiosk. Keep minimal funds in the wallet, avoid sensitive payloads, do not rely on the documented daily/per-request limits unless you verify enforcement yourself, and prefer a verifiable Foundry install path over piping a remote script into bash.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 85%
Finding
The example shows an infinite loop that continuously invokes a paid API without a strong warning about cumulative charges, rate limiting, or budget enforcement. In an agent setting, users may copy this pattern directly, leading to unintended ongoing micropayments and financial loss, especially because the skill's core function is monetized external access.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script sends wallet-linked identifying data to a remote gateway derived from local configuration, with no trust validation, warning, or consent prompt. This enables privacy leakage and endpoint abuse if the configured gateway is malicious or compromised, especially since the script markets itself as payment-related and may encourage users to trust it with wallet-associated activity.

Missing User Warnings

Medium
Confidence: 94%
Finding
The script sends the wallet address to an external gateway using a network request without any explicit consent, warning, or privacy notice. Even though a wallet address is public on-chain, linking it to use of this specific tool or service can expose behavioral metadata and enable tracking by the gateway operator or intermediaries.

VirusTotal

64/64 vendors flagged this skill as clean.
